Add support for enabling Secure Encrypted Virtualization in the GUI
Charles Arnold
carnold at suse.com
Mon Apr 4 15:48:37 UTC 2022
On 4/4/22 8:37 AM, Boris Fiuczynski wrote:
> On 4/4/22 2:50 PM, Daniel P. Berrangé wrote:
>> On Fri, Apr 01, 2022 at 12:13:17PM -0600, Charles Arnold wrote:
>>> From d700e8cee7cd525c0022b5a9a440f64c4ab149f0 Mon Sep 17 00:00:00 2001
>>> From: Charles Arnold <carnold at suse.com>
>>> Date: Fri, 1 Apr 2022 12:01:21 -0600
>>> Subject: [PATCH 1/1] Add support for enabling Secure Encrypted
>>> Virtualization
>>> in the GUI
>>>
>>> Add an "Enable Launch Security" checkbox on the Details memory tab.
>>> Do the minimal configuration required for libvirt to enable this
>>> feature
>>> on compatible hardware.
>>>
>>
>> Don't we need to turn on the 'iommu' option for all virtio devices
>> too, and disable PXE on any NICs ?
>>
>> https://libvirt.org/kbase/launch_security_sev.html#virtio
>>
>> With regards,
>> Daniel
>>
>
> Hi Arnold,
> your patch does not take into account that libvirt uses launch
> security for more types besides sev.
>
>
Good point. I haven't taken into account the s390 case which I can correct.
I'm not aware of other launch security types besides those two.
- Charles
More information about the virt-tools-list
mailing list